Brazen ransomware gangs not afraid to target police
RICHMOND, Va., — Police Chief Will Cunningham came to work four years ago to find his six-officer department was the victim of a crime.
Hackers had taken advantage of a weak password to break in and encrypt the files of the department in Roxana, a small town in Illinois near St. Louis, and were demanding $6,000 of bitcoin.
“I was shocked, I was surprised, frustrated,” Cunningham said.
Police departments big and small have been plagued for years by foreign hackers breaking into networks and causing varying level of mischief, from disabling email systems to more serious problems with 911 centers temporarily knocked offline.
In some cases important files have gone missing.
But things have taken a dark turn recently.
Criminal hackers are increasingly using brazen methods to increase pressure on law enforcement agencies to pay ransoms, including leaking or threatening to leak highly sensitive and potentially life-threatening information.
The threat of ransomware has risen to a level that’s impossible to ignore, with hardly a day going by without news of a hospital, private business or government agency being victimized. On Saturday, the operator of a major pipeline system that transports fuel across the East Coast said it had been victimized by a ransomware attack.
The increasingly defiant attacks on law enforcement agencies underscore how little ransomware gangs fear repercussions.
In Washington, a Russian-speaking ransomware syndicate called Babuk hacked into the network of the city’s police department and threatened to leak the identities of confidential informants unless an unspecified ransom was paid.
A day after the initial threat was posted in late April, the gang tried to spur payment by leaking personal information of some police officers taken from background checks, including details of officers’ past drug use, finances and — in at least one incident — of past sexual abuse.
Ransomware gangs have been leaking sensitive data from victims for well over a year, but experts said they’ve not seen such aggressive new tactics used before against police departments.
Making the ransomware attacks potentially more damaging, police are now able to collect and store more personal information than ever before through advances in surveillance equipment and technologies such as artificial intelligence and facial recognition software.
Homeland Security Secretary Alejandro Mayorkas has called ransomware a “threat to national security” and said the issue is a top priority of the White House. Congress is exploring giving state and local governments grant money to boost their response to ransomware.
Because ransomware is so lucrative for its perpetrators, who operate out of Western law enforcement’s reach in Russia and other safe havens, experts say the most important tools for battling it are elementary cybersecurity measures.
Statistics of how many police departments have been hit by ransomware attacks are hard to come by, as is information on whether departments ever pay a ransom. There’s no official count and not every incident is made public.
Brett Callow, a threat analyst at the security firm Emsisoft, said he’s counted at least 11 law enforcement agencies affected by ransomware since the beginning of 2020. Officers have been locked out of their computer systems and forced to resort to paper records.
Prosecutors in Stuart, Florida, told local media last year they had to drop a case against suspected drug dealers after a local police department’s files were encrypted by a ransomware gang.
In the nation’s capital, the final outcome is uncertain. The Babuk gang’s threats to release more information have so far not come to pass and the files that were posted have been taken down.
Back in Roxana, the police chief said he didn’t have to pay the hackers because the files were backed up and the department bought new computer equipment for roughly the same amount as the ransom demand. Cunningham reported the hackers to the FBI, but as far as he’s heard they were never caught. The whole experience, Cunningham said, was a real eye-opener.
“It’s amazing how much opportunity is out there for these computer crimes,” he said.